<?php
/**
 * Created by PhpStorm.
 * User: 47474
 * Date: 2021/12/11
 * Time: 16:05
 */

if(empty($_COOKIE['username'])){
    echo '<a href="../login.php">尚未登录，请登录</a>';
    die;
}

$oldPwd = $_POST['oldPwd'];
$newPwd = $_POST['newPwd'];

$usercard = $COOKIE['usercard'];
$userkey = $_COOKIE['userkey'];
session_start();

if(isset($_SESSION[$userkey])){
    if($oldPwd == $newPwd){
        exit('新密码不能与旧密码相同');
    }
    $key = md5($usercard.$newPwd);
    setcookie('userkey',$key,time()+24*3600,'/');
    $_SESSION[$key] = [
        'usercard' => $usercard,
        'userpwd' => $newPwd
    ];
    echo '密码修改成功';
}
